git repository to make package compile with ocaml 4.0.3.
Changes include:
* Cryptography: adding basic support for public key cryptography
(provided by GnuTLS)
* Authentication: the module types for SASL and HTTP authentication
have been changed to a stateless style. Added an experimental
SCRAM module for HTTP.
* Nethttp_client: Supporting Digest authentication with
SHA-256 as hash algorithm. Supporting Basic authentication
with "charset" parameter.
* XDR/RPC: supporting that direct mappings can be disabled
when this is disadvantegous. For now, this is done for
internal RPC services, because direct mappings do not
copy values, which would be very surprising here.
* Netplex: adding support for so-called internal services.
This is a fast and type-safe way of exchanging messages
between netplex containers.
* ALL MODULES: Transitioning to the new "bytes" type for
mutable strings while using "string" only for immutable
strings. If compiled with OCaml-4.02 or newer, Ocamlnet
is built with the -safe-string compiler option.
* Netplex_sharedvar: implementing a new protocol that uses shared
memory for announcing variable updates. Also, almost all functions
can now be called from controller context.
* Netsys_global: new module, for keeping a dictionary of global
strings. The dictionary is connected with Netplex_sharedvar, so
that the strings can be updated across process boundaries if used
with Netplex.
* Netsys_polysocket: adding this module
* Netsys_polypipe: adding this module
* Netasn1_encoder: new module for encding ASN.1 messages
* Netnumber: on 64 bit platforms, the functions lt_uint4 and
lt_uint8 were wrong. Fixed now.
ocaml.mk. It was becoming more trouble than it was worth: only a minority
of packages used it, and it only made Makefiles more confusing.
(I've left out some packages: these will be updated forthwith)
* GnuTLS: compatibility with GnuTLS-3.4.2
* Nethttpd_plex: the post_add_hook was not called by accident
(since OCamlnet-4); this is now fixed.
* Nethtml: new option case_sensitive
* GnuTLS: initializing the library on-demand. This avoids that
/dev/random is kept open all the time since program start, and
works around incompatibilities with Netplex. (Thomas Calderon
found the problem.)
* GnuTLS: setting DH parameters on certificates (this was forgotten in
previous releases). (Thomas Calderon found the problem.)
* GnuTLS: supporting GnuTLS versions where SRP is disabled.
Supporting GnuTLS-3.4.
* OpenBSD build: fix linker option (Christopher Zimmermann)
* Equeue: There is a new method request_proxy_notification,
which is only used by Uq_engines.qseq_engine (but unfortunately
needs to appear in the public type of the object). This new
method permits that chains of Uq_engines.qseq_engine pairs
can now be arbitrarily long without consuming too much memory
and without the danger of getting stack overflows.
This fixes issues where notification chains got too long. In
particular, we saw a stack overflow when retrieving a video
stream via HTTP. The stream was sent with many chunks, resulting
in a long Uq_engines.qseq_engine chain.
Implementers of engines can simply define request_proxy_notification
as no-ops.
* Nethttp.set_content_range: this function generated an incorrect
header (the "bytes" word was missing). (Török Edwin)
* _oasis is generated from _oasis.in
* Netplex: the Netplex socket directory has a different default
if not specified in the config file.
* Netshm: the POSIX specifier has now two args
* IPv6: automatically enabled if there is a global IPv6 address
* Unicode tables: Moved them to a separate netunidata library.
This library needs to be linked in for getting access to the
tables (this is no longer the default).
* Renamings: Http_client, Ftp_client etc. => Nethttp_client,
Netftp_client
Mimestring => Netmime_string
Xdr => Netxdr
* Netmime: moved functions to Netmime_header and Netmime_channels
* Netmech_scram: Removed the check that passwords only consist of
ASCII chars. The user can now call Netsaslprep.saslprep.
* Removed: rpc-auth-dh, nethttpd-for-netcgi2
* Http_client: the authentication mechanisms are now encapsulated
in a first-class module HTTP_MECHANISM. So far, there is Digest
authentication in this form. The signature of HTTP_MECHANISM
is similar to SASL_MECHANISM.
Another visible change is that the insecure Basic authentication
is no longer enabled for non-TLS-secured connections. This can be
changed back by setting flags, though.
Some fixes in the design improve Digest authentication for proxy
connections.
* Netpop: implementating SASL authentication for POP3. Moved Netpop
into netclient.
* Netsmtp: implementing SASL authentication for SMTP. Moved Netsmtp
into netclient.
* Adding a framework for SASL, and a number of mechanisms
(PLAIN, CRAM-MD5, DIGEST-MD5, SCRAM-SHA1).
* fcgi/scgi/ajp connectors: exporting a handle_connection function,
and unifying existing such functions (Christopher Zimmermann)
* adding support for modular cryptography (symmetric ciphers and
digests)
* SCRAM is now implemented with the new crypto providers
* removing dependency on Cryptokit
* removed library netgssapi; now part of netsys/netstring
* removed library netmech-scram; now part of netstring
Ocamlnet-4 adds:
- new library netgss-system
- new library nettls-gnutls
- removed equeue-ssl and rpc-ssl
- X.500 modules Netasn1, Netdn, Netx509
- Crypto definitions Netsys_crypto_types, Netsys_crypto
- TLS modules Netsys_tls, Nettls_support
- Support for SASL and GSSAPI
- Moved many functions from Uq_engines to new modules in
the equeue library (Uq_client, Uq_server, Uq_multiplex,
Uq_transfer)
* netstring-pcre: removing dependency on camlp4 (an oversight).
* Fixing bad format strings (Damien Doligez)
* Windows: various fixes, including int sizes for 64-bit Windows,
the invocation of cppo, and CR characters. Also, unixsupport.h
is now used instead of declaring the prototypes directly.
(Andreas Hauptmann)
* C99: use int64_t instead of int64 in C code. The latter is gone
in OCaml-4.02. (Richard Jones)
* Build: no longer requiring camlp4 (as it is not distributed with
ocaml-4.02)
* Fixing some unit tests
* Netexn: new exception representation in ocaml-4.02
* Build: renaming file for a configure test to avoid a
naming conflict (Richard Jones)
* Https_client and aggressive connection caching: In previous
versions there was a problem with the reinitialization of the
SSL socket when a former connection was reused. The fix requires
an API change of connection_cache: The SSL socket can now be
stored with the inactive connection.
* Http_client: fixing a bug with connection caching: Address
resolution was not taken into account for computing the key
in the connection cache.
* ssl_exts_stubs.c: releasing global lock on shutdown error
(T<F6>r<F6>k Edwin)
* Uq_ssl: Fix error path when SSL connection fails during the
handshake
e-mail address). Changes include:
* Shell.to_file: implement the append flag as documented
* The libraries netcamlbox and netmulticore are now only built
if completely supported.
* Porting netcamlbox and netmulticore to ocaml-4.01:
There are new implementations in OCaml for caml_modify and
caml_initialize that are incompatible with our usage here.
Fortunately, these symbols are now weak, and we can override
them. This is done in netsys.outofheap, and for the time being
we just use the old implementation from ocaml-4.00.
* Porting netsys to ocaml-4.01: O_CLOEXEC is now supported
if found
* Netsys_sem: fix for systems that don't have
Netsys_posix.sysconf_open_max (e.g. Win32).
* Http_fs: read method: fixing a problem with resent messages
* Http_client: better reaction after "100" responses
* Http_client: implementing verbose_response_header, and
verbose_response_contents again
* Uq_ssl: debugging of payload data (Uq_ssl.Debug.dump_data)
* Http_fs: fixing chunked encoding for PUT (this is already done
in Http_client)
* Nethttp: new function base_code
* Http_client: handling the case better that an unknown status
code is returned by the server. Before, [response_status] simply
raised [Not_found]. Now, the base status is returned instead.
* Extending ocamlrpcgen: It supports now six new directives,
_lowercase, _uppercase, _capitalize, _prefix, _equals,
and _tuple (see documentation).
* Netplex_container: emits now backtraces if these are enabled.
* Http_fs: adding [last_response_status] method
* Rpc_client: fixing a potential endless loop when session IDs
are reused
* Rpc_client: fixing the shutdown when a TCP connection is
immediately refused, and GSS-API authentication is active.
* Netcgi_fcgi.run: no longer ignoring the sockaddr argument
(problem reported by Watanabe Masaki)
* Remove duplicate method Netpop.stat
* Build fix for netstring-pcre
* Regular expressions: The config switch -enable-pcre no
longer switches the default backend to PCRE. The default
remains Str, and only Netstring_pcre is additionally
built. The new switch -enable-full-pcre has now the
stronger meaning of also using PCRE as default backend.
New documentation page Regexp explaining this.
* Netmcore_basics.txt: more documentation for Netmulticore
* Netgzip.ml: Fixing a bug in the inflating pipe (bad calculation
of the crc)
* Netplex_mbox: implementation of a simple message box allowing
communication between Netplex components. This module does
neither need Netmulticore nor Netcamlbox, but is relatively slow.
* netcgi2-apache: fixing build against apache-2.4.
* netcgi2-apache: fixing bug that PKGNAME was incorrect
* netcgi2-apache: the directory of the OCaml stdlib is now
added via rpath to mod_netcgi_apache.so so that
libcamlrun_shared.so is automatically found
* Http_client: more liberal interpretation of the "domain" part
of authentication keys
* src/netsys/netsys_c_poll.c: Fix FD_CLOEXEC
(Guillem Jover <guillem@hadrons.org>)
* Http_client authentication: The domain for authentication
keys can be set to ["*"]. Also, port number can be omitted
in such domains.
* Http_client authentication: adding skip_challenges auth style
* Uq_engines: New [qseq_engine] class. This is the same as
[seq_engine], but it does not forward pure progress events.
The operator [++] is now backed by [qseq_engine]. This change
fixes performance bugs (e.g. Http_client had problems with
HTTP responses consisting of many chunks).
* Netmcore, Netmcore_process: also adding a function [run] in
in addition to [startup] for jobs that want to return something.
With [join_nowait] one can now get the result of the first process.
Also updated examples/multicore/create_join.ml.
* Netplex_main: new function [run], designed for compute
jobs run under Netplex regime
* Netdate: adding ISO-8601 week numbering. Fixing test suite
and some bugs
- removed obsolete file PLIST.opt (now implemented using PLIST_VARS)
* Netmcore_heap.mli: allowing to [add] bigarrays. New
function [add_string] for creating uninitialized strings on
heaps. New function [add_immutable] for retaining value sharing.
* Netsys_mem: New options [Copy_conditionally] and [Keep_atom]
for function [init_value].
* netsys_c_subprocess.c: fixing a deadlock issue
(when calling commands via the Shell library)
* Netdate: Fix interpretation of the ~localzone argument
of several functions. Now the timezone is assumed for the
target time, not the calling time
* Netdate: Adding localization
* Netconversion: Adding functions for converting to lowercase/
uppercase/titlecase, and for case-insensitive comparison
* Fix Netfs.copy: When the copy method throws EXDEV, it is
fallen back to a streaming-type copy
* Several fixes for OS X
* Daemonizer: now using a signal for waiting until the children
are up and running
* Fixes for OCaml-4.00
* Better endianness check as suggested by Matias Giovannini
* Fixing handling of `Recv_send_implied sockets in
socket_multiplex_controller
* netzip: it is now autodetected whether the camlzip library
is available under the findlib name "zip" or "camlzip"
This is an update of ocamlnet to its newest version, 3.6. Changes are:
* Netsys_sem: a new abstraction for emulating anonymous
semaphores on systems that only provide named semaphores,
like OS X. All users of semaphores inside Ocamlnet now
base on Netsys_sem.
* reimplementing Netstring_str for the case the Str engine
is used. It is now thread-safe without having to use
mutexes.
* The default is now -disable-pcre
* The module Netstring_pcre has been moved to a library of its
own, namely netstring-pcre. It is only installed if -enable-pcre
* Nethttp.Header.best_media_type: improved
(patch by Christopher Zimmemann)
* Netsys_mem.alloc_memory_pages: one can now mark the memory
pages as executable
* src/netsys/configure: disabling POSIX semaphore check
for win32
* Fixes for OpenBSD (by Christopher Zimmermann)
* Netcgi connectors (SCGI, AJP, FCGI): unifying the ~sockaddr
and ~port arguments. ~port now also assumes a loopback binding.
(Suggested by Christopher Zimmermann).
* Allowing posix_spawn again for MacOS. It turns out the
number of file actions is limited. If we are above the
limit, posix_spawn is not used.
* Ssl_exts: adding function for returning the fingerprint of
a certificate
* Https_client: new verify callback for additional certificate
checks
DragonFly doesn't define AT_SYMLINK_FOLLOW. The added patch will
appropriately disable linkat support.
No revbump necessary - this patch doesn't change the binary on systems
for which it has already built.
6 years of changes. 3.5.1 in particular has:
it is time for another version of Ocamlnet. The new release 3.5 focuses on
the system interface, and includes a long list of smaller improvements.
The system interface, Netsys_posix, is extended by:
- Support for POSIX clocks and POSIX timers (with nanosecond resolution)
- Netsys_posix.spawn usses now the posix_spawn call if present on the OS
- Adding support for pollable events (as e.g. provided by Linux via
eventfd). For other OS an emulation is available.
- Support for epoll on Linux
Note that Netsys_posix covers now large parts of POSIX realtime.
Other improvements:
- The code generator for XDR has been improved. A new switch -direct for
ocamlrpcgen can be used to generate direct mappings between OCaml values
and binary representation (in many cases). Speedups up to 50% are
possible for large XDR values.
- The new module Uq_mt allows it to access an event-driven resource from
several kernel threads (e.g. use an RPC client commonly from several
threads).
- The thread-safety of Netplex container functions has been improved.
- Netmulticore condition variables can now be polled, for better
integration into event-based programs.
- Option greedy_accepts for Netplex to support servers that accept
many connections per second. With this improvement, Netplex can
now accept more than 5000 connections/s, and assign them to worker
processes.
Last but not least there is now a new tutorial for Equeue (event systems
and engines). In particular, the section about combining Ocamlnet with Lwt
might be interesting.
The Ocamlnet project provides a collection of modules for the
Objective Caml language which focus on application-level Internet
protocols and conventions.
The current distribution contains:
- a mature implementation of the CGI protocol
- an implementation of the JSERV protocol (AJP-1.2), can be used with
mod_jserv (Apache JServ) and mod_jk (Jakarta connector) to connect
application servers written in O'Caml with web servers
- a FastCGI implementation
- a POP3 client
- an SMTP client
- a library of string processing functions related to Internet
protocols (formerly known as "netstring" and distributed separately):
MIME encoding/decoding, Date/time parsing, Character encoding
conversion, HTML parsing and printing, URL parsing and printing,
OO-representation of channels, and a lot more.
- an experimental web server component